BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.all-systems-go.io//
BEGIN:VEVENT
UID:pretalx-ASG2017-142@cfp.all-systems-go.io
DTSTART:20171020T163000Z
DTEND:20171020T193000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Kinvolk Office
SUMMARY:Pre-Registration Event -
URL:https://cfp.all-systems-go.io/ASG2017/talk/142/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-141@cfp.all-systems-go.io
DTSTART:20171021T073000Z
DTEND:20171021T074500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Opening -
URL:https://cfp.all-systems-go.io/ASG2017/talk/141/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-115@cfp.all-systems-go.io
DTSTART:20171021T074500Z
DTEND:20171021T082500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Really crazy container troubleshooting stories - Gianluca Borello
URL:https://cfp.all-systems-go.io/ASG2017/talk/115/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-105@cfp.all-systems-go.io
DTSTART:20171021T074500Z
DTEND:20171021T082500Z
DESCRIPTION:Bluetooth technology has been extended with a brand new mesh fe
ature. This presentation gives an introduction to Bluetooth Mesh and its i
mpacts on the ecosystem. It shows the new and exciting use cases that a me
sh enabled Bluetooth low energy enables. The presentation will also put a
focus on Linux and Zephyr operating systems and its integration with Bluet
ooth Mesh.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Introducing Bluetooth Mesh - Marcel Holtmann
URL:https://cfp.all-systems-go.io/ASG2017/talk/105/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-139@cfp.all-systems-go.io
DTSTART:20171021T083000Z
DTEND:20171021T085500Z
DESCRIPTION:Extended Berkeley Packet Filter (eBPF) allows for high-performa
nce introspection of the Linux kernel execution. eBPF is widely available
(part of the mainline kernel and enabled by most distributions)\, flexible
(any kernel code path can be probed) and safe (driven from userspace and
statically verified). In this talk\, I will introduce eBPF\, explaining ho
w it can be used to track TCP connections in real time. On the way I will
demonstrate it is possible to access eBPF from languages other than C (Gol
ang) and remove undesirable runtime dependencies (LLVM compiler and kernel
-headers). At Weaveworks we are using eBPF for the connection-tracker of t
he Weave Scope visualization tool.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:High-performance Linux monitoring with eBPF - Alfonso Acosta
URL:https://cfp.all-systems-go.io/ASG2017/talk/139/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-118@cfp.all-systems-go.io
DTSTART:20171021T083000Z
DTEND:20171021T085500Z
DESCRIPTION:A quick introduction to the unique memory management concepts o
f Rust.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Rust memory management - Zeeshan Ali
URL:https://cfp.all-systems-go.io/ASG2017/talk/118/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-104@cfp.all-systems-go.io
DTSTART:20171021T090000Z
DTEND:20171021T091500Z
DESCRIPTION:Open services mark a paradigm shift similar to the disruption c
aused by open-source software in the 90s\, but the path to effective adopt
ion of open services tooling is sometimes unclear. Blake will share patter
ns and learnings from his experience integrating one such tool\, Habitat\,
at smartB GmbH.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Incremental Adoption of Open Services with Habitat - Blake Irvin
URL:https://cfp.all-systems-go.io/ASG2017/talk/104/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-113@cfp.all-systems-go.io
DTSTART:20171021T090000Z
DTEND:20171021T091500Z
DESCRIPTION:With the growing number of network cloud services it becomes es
sential to be able to monitor\, troubleshoot and analyze different virtual
ization or container technologies. Being able to monitor complex heterogen
eous federated cloud environments is key.\n\nSkydive is a real-time and po
st-mortem topology and packet analyzer. To do so\, it listens for networki
ng kernel events\, monitors network namespaces\, watches external componen
ts such as OVSDB and Docker. Skydive can make use of AF_PACKET or eBPF pro
grams to capture traffic. Thanks to its classifier Skydive is able to map
the network traffic with the topology.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Network troubleshooting in heterogeneous cloud environment with Sky
dive - Sylvain Afchain
URL:https://cfp.all-systems-go.io/ASG2017/talk/113/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-145@cfp.all-systems-go.io
DTSTART:20171021T091500Z
DTEND:20171021T093000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/145/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-144@cfp.all-systems-go.io
DTSTART:20171021T091500Z
DTEND:20171021T093000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/144/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-93@cfp.all-systems-go.io
DTSTART:20171021T093000Z
DTEND:20171021T101500Z
DESCRIPTION:The introduction on Accelerated Networking on Azure created cha
llenges integrating support in Linux distributions. The original method us
ing bonding had issues that were solved by introducing a new mode called "
Transparent VF". This mode solves issues with udev\, cloudinit and distrib
ution specific network initialization. This talk will also cover the proce
ss of how Linux support for Azure is integrated with upstreamand distribut
ions.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Azure networking integration challenges - Stephen Hemminger
URL:https://cfp.all-systems-go.io/ASG2017/talk/93/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-103@cfp.all-systems-go.io
DTSTART:20171021T093000Z
DTEND:20171021T101500Z
DESCRIPTION:Habitat is the best way for software developers to build\, depl
oy\, and manage modern applications - regardless of their expertise. Habit
at provides a self-healing\, self-configuring\, stack-agnostic\, frictionl
ess abstraction for running applications—regardless of their complexity
on whatever infrastructure you prefer\, from physical hardware and virtual
machines to containers and everything in between. This session will show
you how to build and run your own application. You will learn how scaffold
ing helps you quickly and easily package your application. Explore the bui
ld system used for generating Habitat artifacts. Run an application using
the Habitat supervisor. This is the talk for anyone who's just learning ab
out Habitat or those that are interested in seeing some of the newer featu
res of the framework.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Getting Started with Habitat - Jamie Winsor
URL:https://cfp.all-systems-go.io/ASG2017/talk/103/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-146@cfp.all-systems-go.io
DTSTART:20171021T101500Z
DTEND:20171021T114500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Lunch -
URL:https://cfp.all-systems-go.io/ASG2017/talk/146/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-147@cfp.all-systems-go.io
DTSTART:20171021T101500Z
DTEND:20171021T114500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Lunch -
URL:https://cfp.all-systems-go.io/ASG2017/talk/147/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-129@cfp.all-systems-go.io
DTSTART:20171021T114500Z
DTEND:20171021T122500Z
DESCRIPTION:We will discuss the various malware infecting Linux IoT devices
including Mirai\, Hajime\, and BrickerBot and the vulnerabilities they le
verage to enslave or brick connected devices. We will walk the audience th
rough specific vectors they used to exploit devices and cover some basics
in security hardening that would have largely protected from many of the w
idespread malware.\n\nSome of the fundamental security concepts we will co
ver include:\n\nClosing unused open network ports\nIntrusion detection sys
tems\nEnforcing password complexity and policies\nRemoving unnecessary ser
vices\nFrequent software updates to fix bugs and patch security vulnerabil
ities\n\nWe will also delve into the arguments and counter-arguments of vi
gilante hacking with Hajime and BrickerBot as examples and the potential l
ong-term consequences in this new age of connected devices.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:The IoT botnet wars\, Linux devices\, and the absence of basic secu
rity hardening - Drew Moseley
URL:https://cfp.all-systems-go.io/ASG2017/talk/129/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-126@cfp.all-systems-go.io
DTSTART:20171021T114500Z
DTEND:20171021T122500Z
DESCRIPTION:We'll be talking about what we learned throughout the past year
running systemd in production at Facebook: new challenges that have come
up\, how the integration process went and the areas of improvement we disc
overed. We'll also discuss our efforts building a monitoring solution for
system services based on systemd.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:systemd @ Facebook — a year later - Davide Cavalca
URL:https://cfp.all-systems-go.io/ASG2017/talk/126/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-99@cfp.all-systems-go.io
DTSTART:20171021T123000Z
DTEND:20171021T125500Z
DESCRIPTION:Cockpit is an open source project that has built the new system
admin UI for Linux. It turns Linux server into something discoverable and
usable. Its goal is to remove the steep learning curve for Linux deployme
nts.\n\nCockpit lets you immediately dive into things like storage\, netwo
rk configuration\, system log diagnosis\, container troubleshooting and Ku
bernetes orchestration. All while being zero-footprint: It goes away when
not in use. Cockpit interacts well with other management configuration too
ls\, it reacts instantly to system changes made elsewhere.\n\nWe'll look a
t how Cockpit is an actual linux user session that you drive through your
browser\, running with user privileges\, and accesses to the native system
APIs and tools.\n\nYou'll be able to build new pieces of sysadmin UI as f
ast as you write a shell script. In fact we'll do it on stage in a few min
utes.\n
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Cockpit: A Linux sysadmin session in your Browser - Stef Walter
URL:https://cfp.all-systems-go.io/ASG2017/talk/99/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-123@cfp.all-systems-go.io
DTSTART:20171021T123000Z
DTEND:20171021T125500Z
DESCRIPTION:rkt is a modern container runtime\, built for security\, effici
ency\, and composability. It is one of the container runtimes supported by
Kubernetes but the current implementation (“rktnetes”) doesn’t supp
ort the Container Runtime Interface (CRI). The work-in-progress CRI implem
entation is called rktlet.\n\nThis presentation will give an update on the
rkt project\, what new features were implemented recently and what’s co
ming up. It will also give an update on the state of the rktlet: what feat
ures are missing and what workarounds should be removed before it becomes
a complete implementation of the CRI.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:State of the rkt container runtime - Iago López Galeiras
URL:https://cfp.all-systems-go.io/ASG2017/talk/123/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-114@cfp.all-systems-go.io
DTSTART:20171021T130000Z
DTEND:20171021T134000Z
DESCRIPTION:Desktop application sandboxing is quite different than traditio
nal\ncontainer isolation\, learn how flatpak does it\, using the concept o
f\nportals.\n
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Portals\, dynamic permissions in Flatpak - Alexander Larsson
URL:https://cfp.all-systems-go.io/ASG2017/talk/114/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-117@cfp.all-systems-go.io
DTSTART:20171021T130000Z
DTEND:20171021T134000Z
DESCRIPTION:A status report on Reproducible builds\, which enable everyone
to verify that a given binary is made from the source it is claimed to be
made from\, by enabling anyone to create bit by bit identical binaries.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Reproducible Builds - where do we want to go tomorrow? - Holger Lev
sen
URL:https://cfp.all-systems-go.io/ASG2017/talk/117/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-95@cfp.all-systems-go.io
DTSTART:20171021T134500Z
DTEND:20171021T140000Z
DESCRIPTION:Containers have become a popular way of packaging and running a
pplications\, especially for server applications using microservice archit
ectures. As containers can be started in no time\, building new container
images replacing old ones has become the predominant way of applying updat
es. Having continuous delivery pipelines for building these images becomes
a key problem. This talk will show how the Open Build Service provides a
way to automate container builds including tracking updates and automatic
rebuilds of dependent containers. This makes it easy to create secure and
up to date containers all day.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Building containers all day - Cornelius Schumacher
URL:https://cfp.all-systems-go.io/ASG2017/talk/95/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-100@cfp.all-systems-go.io
DTSTART:20171021T134500Z
DTEND:20171021T140000Z
DESCRIPTION:Containers: love 'em or hate 'em -- whether you think they're t
he hottest new thing or yesteryear's same ideas in new clothing -- the bot
h rapid and sustained rate of adoption of recent container technologies sa
ys one thing clearly: We Were Missing Something. But what\, exactly? And h
ave we found "it"? Or are we just beginning to uncover something new about
the way we all\, in our deepest hearts\, wish computers would be? In thi
s talk\, we'll survey where containers came from\, and question where they
’re going: a discussion that crosses package management\, releasing\, de
ployment\, immutability\, reproducibility\, and questions how meanings of
all these things are now changing.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Containers: What Did We Learn? - Eric Myhre
URL:https://cfp.all-systems-go.io/ASG2017/talk/100/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-149@cfp.all-systems-go.io
DTSTART:20171021T140000Z
DTEND:20171021T141500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/149/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-148@cfp.all-systems-go.io
DTSTART:20171021T140000Z
DTEND:20171021T141500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/148/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-135@cfp.all-systems-go.io
DTSTART:20171021T141500Z
DTEND:20171021T145500Z
DESCRIPTION:To achieve faster and easier containerization at Facebook we ha
ve started utilizing Chef\, Btrfs and Systemd to improve our container sys
tem. These tools helped us to design a robust base for our cluster managem
ent will allow us to concentrate more higher level functionality. Our vers
ion of image and task handling tries address some issues common both to Fa
cebook and the industry.\n
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Using systemd for containers @ Facebook - Zeal Jagannatha\, Zoltan
Puskas
URL:https://cfp.all-systems-go.io/ASG2017/talk/135/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-159@cfp.all-systems-go.io
DTSTART:20171021T141500Z
DTEND:20171021T145500Z
DESCRIPTION:As Infrastructure operators we're exposed to a lot of plumbing
and not a lot of porcelain. Worse\, because our concerns are often esoteri
c (in the eyes of application developers) we have to fix our own pipes too
. Often this leads to the "homeowners dilemma"... Making the call of when
to patch things up\, when to rip out the pipes\, and when to abandon gas
lamps for electricity.\n\nWe outline a number of aging pipes\, proposed (a
nd implemented) solutions\, and ideas for dragging our systems into the fu
ture.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Fix\, forget\, or forge a new path? - Brian 'redbeard' Harrington
URL:https://cfp.all-systems-go.io/ASG2017/talk/159/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-124@cfp.all-systems-go.io
DTSTART:20171021T150000Z
DTEND:20171021T152500Z
DESCRIPTION:Today\, the systemd project uses a non-standard superset of C t
o get destructor-like functionality. But\, we pay a heavy price for doing
it this way: we lose compiler portability\, use hundreds of boilerplate ma
cros\, and confuse static analysis tools (which don't always realize why w
e're not leaking memory). At compilation\, the cleanup functionality gets
mapped to the same facilities that handle C++ destructors. So\, essentiall
y\, we're already using a non-standard version of C++ as well as a non-sta
ndard version of C. We can end this charade by following in GCC's footstep
s and explicitly using a subset
of C++. By doing so\, we can shed thousands of lines of C-trying-to-b
e-C++. We can also improve memory safety and code readability -- all
while keeping the feel of C.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Streamlining systemd's code and safety - David Strauss
URL:https://cfp.all-systems-go.io/ASG2017/talk/124/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-110@cfp.all-systems-go.io
DTSTART:20171021T150000Z
DTEND:20171021T152500Z
DESCRIPTION:Landlock is a proposal for a new Linux Security Module (LSM) to
create secure sandboxes with the goal “to empower any process\, includi
ng unprivileged ones\, to securely restrict themselves.” This presentati
on will give an overview on what Landlock is\, discuss the current status
of the patchset and demonstrate how Landlock works\, as well as its differ
ences compared to other Linux security modules.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Landlock LSM: Towards unprivileged sandboxing - Michael Schubert
URL:https://cfp.all-systems-go.io/ASG2017/talk/110/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-122@cfp.all-systems-go.io
DTSTART:20171021T153000Z
DTEND:20171021T155500Z
DESCRIPTION:A key requirement for connected Linux devices is the ability to
deploy remote software updates to them so that bugs\, vulnerabilities and
new features can be addressed while devices live in the field for up to 1
0 years.\n\nAs part of the Mender.io project\, we have interviewed more th
an 100 embedded developers to understand best practices and the current st
ate of enabling software updates for connected devices today. The key requ
irements found during this study can be split into the following areas we
cover:\n\n- Robustness\n- Ease\n- Performant\n- Secure\n- Extensible
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Software updates for connected Linux devices: key requirements - Dr
ew Moseley
URL:https://cfp.all-systems-go.io/ASG2017/talk/122/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-92@cfp.all-systems-go.io
DTSTART:20171021T153000Z
DTEND:20171021T155500Z
DESCRIPTION:BPF is a Linux in-kernel virtual machine that is used for netwo
rking\, tracing\, seccomp and more. This talk will give an introduction to
the extended BPF subsystem in Linux\, an overview on how it works\, show
available tools to work with and explain possibilities as well as limits.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:A gentle introduction to [e]BPF - Michael Schubert
URL:https://cfp.all-systems-go.io/ASG2017/talk/92/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-101@cfp.all-systems-go.io
DTSTART:20171021T160000Z
DTEND:20171021T163000Z
DESCRIPTION:systemd service management today supports a number of the featu
res that container management is known for\, but for classic system servic
es. Let's see which ones\, and how to make use of them.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Containers without a Container Manager\, with systemd - Lennart Poe
ttering
URL:https://cfp.all-systems-go.io/ASG2017/talk/101/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-119@cfp.all-systems-go.io
DTSTART:20171021T160000Z
DTEND:20171021T163000Z
DESCRIPTION:Today the technological worlds centralize principle is to autom
ate each conceivable thing for simplicity in life\, providing security\,\n
saving electricity and time. \nHome automation is “The Internet of
Things"…The way that all of our devices and appliances will be networke
d together to provide us with a seamless control over all aspects of our h
ome and more.\n\nAlso a step toward what is referred to as the "Int
ernet of Things\," in which everything has an assigned IP address\, and ca
n be monitored and accessed remotely.\n\nThe idea of automating each appli
ance in the home is done from many years ago\, it started with connecting
two electric wires to the battery and close the circuit by connecting load
as a light.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Securing Home Automation with Tor - Kalyan Dikshit
URL:https://cfp.all-systems-go.io/ASG2017/talk/119/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-143@cfp.all-systems-go.io
DTSTART:20171021T170000Z
DTEND:20171021T215500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Social Event -
URL:https://cfp.all-systems-go.io/ASG2017/talk/143/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-137@cfp.all-systems-go.io
DTSTART:20171022T073000Z
DTEND:20171022T075500Z
DESCRIPTION:Kubernetes promises healing your application on all kinds of fa
ilure scenarios\, but why not self-heal Kubernetes itself?
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:What If Component xxx Dies? Introducing Self-Healing Kubernetes - M
ax Leonard Inden
URL:https://cfp.all-systems-go.io/ASG2017/talk/137/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-109@cfp.all-systems-go.io
DTSTART:20171022T073000Z
DTEND:20171022T075500Z
DESCRIPTION:kube-spawn is a tool to easily start a local\, multi-node Kuber
netes cluster on a Linux machine. While it was originally meant to be used
mainly by developers of Kubernetes\, it has been turned into a tool that
is great for just trying Kubernetes out. In this talk\, I will give a gene
ral introduction to kube-spawn and cover integration issues.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:kube-spawn: testing multi-node Kubernetes clusters on Linux systems
- Dongsu Park
URL:https://cfp.all-systems-go.io/ASG2017/talk/109/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-96@cfp.all-systems-go.io
DTSTART:20171022T080000Z
DTEND:20171022T084000Z
DESCRIPTION:cgroupv1 (or just "cgroups") has helped revolutionise the way t
hat we manage and use containers over the past 8 years. A complete overhau
l is coming -- cgroupv2. This talk will go into why a new control group sy
stem was needed\, the changes from cgroupv1\, and practical uses that you
can apply to improve the level of control you have over the processes on y
our servers.\n\nWe will go over:\n\n- Design decisions and deviations for
cgroupv2 compared to v1\n- Pitfalls and caveats you may encounter when mig
rating to cgroupv2\n- Discussion of the internals of cgroupv2\n- Practical
information about how we are using cgroupv2 inside Facebook
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:cgroupv2: Linux's new unified control group hierarchy - Chris Down
URL:https://cfp.all-systems-go.io/ASG2017/talk/96/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-108@cfp.all-systems-go.io
DTSTART:20171022T080000Z
DTEND:20171022T084000Z
DESCRIPTION:Potential solutions to achieving containerization on constraine
d devices.\n\n1. Why?\n2. a content addressable elf linker (bolter)\n3. sp
ace efficient container imaging (korhal)\n4. oci compliant runtime (railca
r)
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:kubernetes for toasters? - Arvid E. Picciani
URL:https://cfp.all-systems-go.io/ASG2017/talk/108/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-131@cfp.all-systems-go.io
DTSTART:20171022T084500Z
DTEND:20171022T091500Z
DESCRIPTION:When configuration changes\, daemon-reload stops the world in a
n increasingly unsustainable way. The problem is getting worse for two rea
sons: (1) heavier use of systemd means more units and longer reload times
and (2) expanded use of socket activation/D-Bus activation/automount means
more things urgently need PID 1's attention. There are ways to fix this u
p\, but we'll need to move away from stopping the world (the main event lo
op)\, throwing out most loaded state\, reloading state\, and then resuming
event handling.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Unbreaking reloads: strategies for fast and non-blocking reconfigur
ation - David Strauss
URL:https://cfp.all-systems-go.io/ASG2017/talk/131/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-134@cfp.all-systems-go.io
DTSTART:20171022T084500Z
DTEND:20171022T091500Z
DESCRIPTION:In this talk\, I will present different use cases for using BPF
in a Kubernetes cluster. BPF is a Linux in-kernel virtual machine and the
re are different kinds of BPF programs for different subsystems that will
be considered: kprobes\, traffic control\, cgroups\, LSM. I’ll follow wi
th concrete examples\, such as Weave Scope’s HTTP Statistics plugin. Fin
ally\, I’ll share tips and tricks on how to develop your own BPF program
s in Kubernetes with the libraries bcc and gobpf\, and show ways of easily
test those with SemaphoreCI and rkt.\n
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Using BPF in Kubernetes - Alban Crequy
URL:https://cfp.all-systems-go.io/ASG2017/talk/134/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-150@cfp.all-systems-go.io
DTSTART:20171022T091500Z
DTEND:20171022T093000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/150/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-151@cfp.all-systems-go.io
DTSTART:20171022T091500Z
DTEND:20171022T093000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/151/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-112@cfp.all-systems-go.io
DTSTART:20171022T093000Z
DTEND:20171022T095500Z
DESCRIPTION:In a world of connected devices\, IoT and embedded systems\, bu
ilding robust products needs a modern deployment workflow where security a
nd constant updates are as important as the product itself. The abilities
of these systems to protect themselves\, isolate applications inside sandb
oxes or containers\, and support constant updates will enhance the product
's security\, its longevity and all the offered services around it. In thi
s regard\, Linux containers are one of the mechanisms that may allow to so
lve some of the Embedded and IoT systems problems\, however their adoption
is still facing some challenges such how can these mechanisms fit in the
final embedded environment ?\n\nIn order to improve container integration
in the Embedded Linux world\, we will explore in this presentation some up
coming systemd and Linux kernel features\, notably a new Security Permissi
on model for systemd\, a new lightweight container environment that allows
to deploy and sandbox portable applications\, some new kernel hardening f
eatures that can be used by both containers and the kernel itself to prote
ct the entire system. Additionally we will discuss how to apply constant u
pdates\, how we can integrate this with systemd\, and how to update the en
tire system. Some of this or all of it is already or will be available by
default in Yocto project. To conclude we will demonstrate some results on
how to block real life vulnerabilities in such Embedded Linux systems.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Modern deployment for Embedded Linux and IoT - Djalal Harouni
URL:https://cfp.all-systems-go.io/ASG2017/talk/112/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-121@cfp.all-systems-go.io
DTSTART:20171022T093000Z
DTEND:20171022T095500Z
DESCRIPTION:How to get a slightly broken hard disk for testing file systems
or udisks? A wifi access point which supports the old 802.11b standard fo
r writing a test case for NetworkManager? Downloading a photo from a parti
cular camera model which you don't own\, but got a libgphoto bug report fo
r? In this hands-on presentation and live demo of various Linux kernel and
userspace tools I will show you how.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Simulate hardware for integration testing - Martin Pitt
URL:https://cfp.all-systems-go.io/ASG2017/talk/121/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-125@cfp.all-systems-go.io
DTSTART:20171022T100000Z
DTEND:20171022T104500Z
DESCRIPTION:casync is a novel tool for delivering OS images across the Inte
rnet. While there are many tools like this around\, casync has some featur
es that set it apart. In this talk we'll discuss why it is useful for deli
vering your IoT\, container\, application or OS images\, and how you can m
ake use of it.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Synchronizing images with casync - Lennart Poettering
URL:https://cfp.all-systems-go.io/ASG2017/talk/125/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-130@cfp.all-systems-go.io
DTSTART:20171022T100000Z
DTEND:20171022T104500Z
DESCRIPTION:n the Cockpit project we’ve done something amazing: We’ve b
uilt “robot” contributors to an Open Source project. “Cockpituous”
\, our project’s #5 contributor\, is actually our automated team members
.\n\nBots do the mundane tasks that would otherwise use up the time of hum
an contributors. During the talk you can see them self-organizing\, findin
g issues\, contributing code changes\, making decisions\, releasing the so
ftware into Linux distros and containers. They work in a completely distri
buted\, organic way\, and run in containers.\n\nWe’ll talk about how hum
ans are pair-programming with bots\, and moving at a pace that would be un
thinkable otherwise. \n\nTreating the bots as team members is fundamental
to achieving this. I’m excited to show you how to pull that off.\n
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Cyborg Teams - Stef Walter
URL:https://cfp.all-systems-go.io/ASG2017/talk/130/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-152@cfp.all-systems-go.io
DTSTART:20171022T104500Z
DTEND:20171022T121500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Lunch -
URL:https://cfp.all-systems-go.io/ASG2017/talk/152/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-153@cfp.all-systems-go.io
DTSTART:20171022T104500Z
DTEND:20171022T121500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Lunch -
URL:https://cfp.all-systems-go.io/ASG2017/talk/153/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-111@cfp.all-systems-go.io
DTSTART:20171022T121500Z
DTEND:20171022T125500Z
DESCRIPTION:The Meson build system has been picking up steam this year and
many\nfundamental projects have transitioned to it from their old build\ns
ystems. In this talk we shall look at the advantages and disadvantages the
se transitions have brought\, what we can expect from the future of build
systems and what effect this change may have on the larger Linux ecosystem
.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Meson and the changing Linux build landscape - Jussi Pakkanen
URL:https://cfp.all-systems-go.io/ASG2017/talk/111/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-138@cfp.all-systems-go.io
DTSTART:20171022T121500Z
DTEND:20171022T125500Z
DESCRIPTION:Nowadays\, most end devices have multiple network interfaces to
connect to the Internet. They usually pick a statically configured defaul
t interface\, such as WiFi\, which they prefer over LTE when both are avai
lable\, but this is not necessarily the choice that provides the best perf
ormance to the application. Socket Intents is a research prototype that ad
dresses the problem of finding policies of which network interface to pick
for what kind of traffic or application. It provides several networking A
PIs through which an application can specify its "Intents"\, i.e.\, what i
t knows or assumes about its own traffic. The prototype then decides which
of the available network interfaces to use.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Which network to use when - Socket Intents - Theresa Enghardt
URL:https://cfp.all-systems-go.io/ASG2017/talk/138/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-136@cfp.all-systems-go.io
DTSTART:20171022T130000Z
DTEND:20171022T134000Z
DESCRIPTION:Containers are pretty cool\, but in scenarios where they don't
satisfy all the requirements\, service providers still rely on virtualizat
ion. Hardware virtualization became mainstream 1 decade ago and it never s
topped evolving. I even dare to say that virtualization is not boring anym
ore!\nIn this presentation I will talk about the most significant hardware
changes in the virtualization world.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Virtualization: what changed in the last decade - Hugo Tavares Reis
URL:https://cfp.all-systems-go.io/ASG2017/talk/136/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-160@cfp.all-systems-go.io
DTSTART:20171022T130000Z
DTEND:20171022T134000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Insecure containers? - Andrew Martin
URL:https://cfp.all-systems-go.io/ASG2017/talk/160/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-158@cfp.all-systems-go.io
DTSTART:20171022T134500Z
DTEND:20171022T141500Z
DESCRIPTION:AgileBits\, the company behind the 1password password manager\,
published a spec for their “opvault” format to show how confident the
y are in its design. This eliminates the need to reverse-engineer the encr
yption when trying to read from such a vault on a system where they\ndon
’t provide their tool.\n\nIn this talk we’ll see an overview of the de
sign of the format\, such as the key derivation or the decision to split t
he meta-data from the details such as username and passwords.\n\nAt the sa
me time\, the talk will follow the implementation of a library to read thi
s format in Rust\, which started as a way to practice the language but now
has grown a GUI to display these entries so I can use the vault on my des
ktop.
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Creating your own 1password clone - Carlos Martín Nieto
URL:https://cfp.all-systems-go.io/ASG2017/talk/158/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-132@cfp.all-systems-go.io
DTSTART:20171022T134500Z
DTEND:20171022T141500Z
DESCRIPTION:This presentation is about a new 802.11 wireless daemon for Lin
ux. It is a lightweight daemon handling all aspects around WiFi support fo
r Linux. It is designed with a tiny footprint for IoT use cases in mind. A
fter its initial release last year\, this provides the update on the progr
ess and its integration into ConnMan and Network Manager.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Update on new WiFi daemon for Linux - Marcel Holtmann
URL:https://cfp.all-systems-go.io/ASG2017/talk/132/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-155@cfp.all-systems-go.io
DTSTART:20171022T141500Z
DTEND:20171022T143000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/155/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-154@cfp.all-systems-go.io
DTSTART:20171022T141500Z
DTEND:20171022T143000Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Break -
URL:https://cfp.all-systems-go.io/ASG2017/talk/154/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-140@cfp.all-systems-go.io
DTSTART:20171022T143000Z
DTEND:20171022T151000Z
DESCRIPTION:Secure boot as it currently exists in desktop Linux distributio
ns is sufficient to verify that the bootloader and kernel have not been ta
mpered with\, but generally does nothing to ensure that userland is secure
. How can we fix that?
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Building a secure boot chain to userland - Matthew Garrett
URL:https://cfp.all-systems-go.io/ASG2017/talk/140/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-157@cfp.all-systems-go.io
DTSTART:20171022T143000Z
DTEND:20171022T144000Z
DESCRIPTION:The container has become one of the most overloaded industry bu
zzwords of the last five years. From Jails to LXC to Zones to systemd-nspa
wn Docker to rkt - there's an assortment of different tools on different p
latforms that call themselves containers\, and no clear consensus what it
means when it comes to distributing containers or implementing the underly
ing technical details. The Open Container Initiative was formed in 2015 to
try to remedy this situation by establishing a shared set of container st
andards for different implementers to agree on. With representatives from
all major server operating system platforms\, the Initiative has made grea
t strides towards specifying a truly interoperable container. The two key
OCI projects recently hit their canonical 1.0 version\; this talk will exp
lain what OCI is and what that milestone means for the container ecosystem
.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:What's in a container? The OCI Answer - Jon Boulle
URL:https://cfp.all-systems-go.io/ASG2017/talk/157/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-128@cfp.all-systems-go.io
DTSTART:20171022T144500Z
DTEND:20171022T151000Z
DESCRIPTION:Used by many major distributions\, systemd is widely known in t
he desktop and\nserver world. But it is not so common to find it in embedd
ed product.\nIn this talk\, we will show how systemd can be a real benefit
for the embedded\nworld\; for both your sanity and your time.\nWe will di
scuss how systemd was integrated into Phantom\, a speaker from\nDevialet\,
and what was the pro and cons of using it.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Tango with systemd - Maxime Hadjinlian
URL:https://cfp.all-systems-go.io/ASG2017/talk/128/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-107@cfp.all-systems-go.io
DTSTART:20171022T151500Z
DTEND:20171022T154000Z
DESCRIPTION:See how Red Hat's Session Recording project is using Systemd Jo
urnal to store and playback recordings of terminal sessions. Wonder at the
challenges the project faces\, such as dealing with various terminal type
s\, character encodings\, random playback positioning\, etc.
DTSTAMP:20240328T214239Z
LOCATION:Galerie
SUMMARY:Journal as a Storage and Other Adventures in User Session Recording
- Nikolai Kondrashov
URL:https://cfp.all-systems-go.io/ASG2017/talk/107/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-133@cfp.all-systems-go.io
DTSTART:20171022T151500Z
DTEND:20171022T154000Z
DESCRIPTION:Updating embedded systems reliably requires more than just the
actual\nupdate process. This presentation gives an overview of the overall
design\nand components needed for successful system updates.\n
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Updating Embedded Systems -- Putting it all Together - Michael Olbr
ich
URL:https://cfp.all-systems-go.io/ASG2017/talk/133/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-ASG2017-156@cfp.all-systems-go.io
DTSTART:20171022T154500Z
DTEND:20171022T161500Z
DESCRIPTION:
DTSTAMP:20240328T214239Z
LOCATION:Event Loft
SUMMARY:Closing -
URL:https://cfp.all-systems-go.io/ASG2017/talk/156/
END:VEVENT
END:VCALENDAR